Under moderate supervision, the Cyber Security Analyst II identifies and resolves potential security breaches and vulnerabilities; maintains the information security tools necessary to ensure the secure operation of IDA’s information system infrastructure; supports all aspects of incident response as directed by senior analysts; and provides technical expertise and support to projects.
1. Executes Information Security Monitoring
- Monitors and analyzes information security alerts from network devices and endpoints
- Responds to and directs the response to information security incidents
- Analyzes indicators of compromise for use in detection
2. Monitors the cyber security infrastructure
- Verifies systems are operating as expected
- Identifies any issues and applies mitigations as appropriate
- Alerts senior analysts to complex issues
3. Supports Media Forensics and Malware Analysis
- Analyzes files and systems with provided tools
- Identifies potential malware and vulnerabilities of analyzed files
- Applies mitigations or remediations to systems with identified malware or vulnerabilities
4. Supports Incident Response
- Hunts for possible compromises
- Creates scripts to automate repetitive tasks
- Analyzes systems for possible compromise
- Works with senior analysts to mitigate or remediate any compromise
- Documents all findings
5. Supports Cybersecurity Projects
- Takes ownership of a cyber-security related project
- Interfaces with senior analysts for guidance
- Interfaces with professional services when needed
6. Performs other duties as assigned.
- Bachelor’s degree in computer science, computer security, or related discipline or equivalent experience in a related field.
- Three years of experience in Information Technology which includes at least two years of experience in cyber security.
- Experience with cyber-security and information technology, including (but not limited to): firewalls, networking, DNS, host security hardening, anti-virus software, and network/computer exploitation techniques.
- Experience with system and network vulnerabilities, intrusion monitoring, network mapping, auditing and intrusion detection systems, notification of Internet threats, and forensic response preferred.
- Experience with notification of Internet threats, alerts, and vulnerabilities.
- Must be self-motivated and able to work with minimal supervision and within teams.
- Excellent written and oral communications skills, excellent interpersonal skills and the ability to interface with all levels of employees.
- Possesses, or is able to obtain within six months, an information security certification commensurate with DoD Instruction 8570.
- Ability to obtain and maintain appropriate security clearance.
Successful completion of a criminal background check is required.
U.S. citizenship is required.
Ability to obtain and maintain a security clearance is required.